DDNS Client

Introduction

DDNS stands for Dynamic DNS. Simply put, using this service gives a name to your IP. So if you're hosting something on your line, people would not have to bother typing your IP. They can just type in your domain name! It also helps when your IP changes. Users won't need to discover what your new IP is, they can simply type your domain name.

This guide will help you configure your DDNS service, so that your router auto-updates your IP to your DDNS provider. The simplest method possible would be through LuCI (the default webUI for OpenWrt).

OpenWrt uses ddns-scripts which are Bourne shell scripts.
There are other scripts and programs available in the web, also some DDNS providers offer their own programs.
All of them are currently not ported and tested on OpenWrt.

Inside OpenWrt two package versions are available:
up to Barrier Breaker 14.07 it's ddns-scripts version 1.x
since Chaos Calmer 15.05 it's ddns-scripts version 2.x with IPv6 support and many other extensions
the corresponding LuCI application luci-app-ddns is also available.

Without any annotation the description works for all ddns-scripts versions.

Requirements

First of all, you'll need to pick and register a DNS name with a compatible DynamicDNS service provider.
For a list of DDNS providers, see:

If you have picked a DDNS service provider and create your host/domain name you need to note additional your username and password.
Now you need to decide if you want to use secure communication with your DDNS provider or not.
Some provider require secure (HTTPS) communication. Read their help pages for details and also read provider specific informations below.

Support

If you need support, found an issue or only want to request a new extension for the next release, please post your questions/issues/requests here: (Don't forget to post informations about your used software versions.)

After luci-app-ddns (and other packages) are installed, just press any other menu entry on the Openwrt LuCI webUI, and the page will refresh itself and it will appear in the menu under 'Services' → 'Dynamic DNS'.

SSL support

By default ddns-scripts uses BusyBox buildin 'wget' for DDNS updates over http, which does not support https (SSL).
To perform DDNS updates over https (SSL), you will need to install the 'wget' or 'curl' package, and add the appropriate root certificate for your ddns provider.

Including AA 12.09 only 'curl' package is supported to use for SSL communication.
To install curl and needed certificate bundle follow these steps on console:

Since BB 14.07ddns-scripts support both 'wget' and 'curl' package.
Installation is simple by installing either 'wget' or 'curl' plus 'ca-certificates' packages.
If both packages are installed ddns-scripts will use 'wget'.

Since CC 15.05 If both packages installed you can configure which one to prefere. Default is 'wget'.

You can install either via LuCI (from the menu select 'System' → 'Software') and search for 'wget' or 'curl'
of install via console using following commands:

If you, also for other software, needs all certificates in one file or you want to update CA certificates reulary then do NOT install 'ca-certificates' package.'ca-certificate' package is not always backported to older OpenWrt versions.
Install latest CA certificates (in one file) using console:

other functions

Since CC 15.05ddns-scripts support other special communication functions to be used:

Run once (useful for usage with crond)

Set proxy with/without authenfication for http/https requests

Set DNS server to use other than system default

Binding to specific network if wget or to specific interface if curl installed.

Force the usage of either IPv4 or IPv6 communication only. Require either wget or curl AND bind-host !

DNS requests via TCP. Require either wget or curl AND bind-host !

Configuration

Basics

ddns-scripts are designed to update one host per configuration/section.
To update multiple hosts or providers or IPv4 and IPv6 for the same host you need to define separate configurations/sections.
Some provider offer to update multiple host within one update request. A possible solution for this option is to use –custom– service name settings.
Have a look at Provider specifics.

The main settings you need to set are (all other normally work fine with the defaults):

Service name

the DDNS service provider to use

Host/Domain

your FQDN you want to update (used by ddns-scripts using nslookup to check if update has happen)

Username

username or other parameter to use as username (send urlencoded)

Password

password or other parameter to use as password (send urlencoded)including BB 14.07 Ensure this password does not have "$1" or $ with any number following in it, as this breaks the script.

Interface

network name (i.e. wan, wan6) used by OpenWrt hotplug event system to start ddns-scripts

since DD (trunk) the following main settings needs to be set:

Service name

the DDNS service provider to use

Lookup Host

ONE of your defined FQDN you want to update (used by ddns-scripts using nslookup to check if update has happen)

Host/Domain

mostly same as 'Lookup Host', but now can also be used as "normal" parameter. i.e. as list of hosts to be updated

Username

username or other parameter to use as username (send urlencoded)

Password

password or other parameter to use as password (send urlencoded)

Interface

network name (i.e. wan, wan6) used by OpenWrt hotplug event system to start ddns-scripts

After fresh installation a configuration/section 'myddns' and since CC 15.05'myddns_ipv4' and 'myddns_ipv6' exists ready to be modified for your needs.
You could delete them and define your own.

Please heed the following important hints:

It is NOT allowed to use dash-sign "-" inside configuration/section names.

A full list of supported settings (some not supported by LuCI webUI) you will find in UCI documentation!

You need minimum one enabled configuration/section for ddns service to start!

since BB 14.07 you need to enable ddns service to enable updates being send on reboot and hotplug events!

Although described elsewhere, it is not recommended to change the files '/usr/lib/ddns/services' or '/usr/lib/ddns/services_ipv6' because they will be overwritten during system and package updates!

using LuCI

Login into your router through your browser.
From the menu select 'Services' → 'Dynamic DNS'.
Navigate to the configuration/section you like to change.
Modify the fields you need to change.
Don't forget to check the 'Enabled' option!
Click [Save & Apply] button to save changes.

To add a new configuration/section:
Type the new name into the text entry box at the bottom of the page next to [Add] button.Do not use a dash character "-" in configuration/section name!
Click [Add] button.
Modify the fields you need to change.
Don't forget to check the 'Enabled' option!
Click [Save & Apply] button to save changes.

Since CC 15.05'Username' and 'Password' fields are required fields. If your provider do not require one or both of them, simply put in a character of your choise.

Since BB 14.07 you need to enable ddns service!
From the menu select 'System' → 'Startup'.
Set ddns service to enabled.

SSL Support

Including BB 14.07 it is not possible to configure SSL-Support (using HTTPS) via LuCI webUI. You need to configure via console!Since CC 15.05 options to configure HTTPS communication are only available if wget or curl package is installed. (See Hints if shown.)

Check 'Use HTTP Secure' option.
Additional field 'Path to CA-Certificate' is shown with it's default setting.
If you have installed ca-certificates package leave the shown default! (/etc/ssl/certs)
If you have installed CA certificates in one file from above set the value to: /etc/ssl/certs/ca-certificates.crt
If you like to use other certificate you need to set here the full path to the certificate including file name. (/path/to/file.crt)
If your certificates are stored in a different path, set here the path where your certificates are located. (/path/to/files)
Click [Save & Apply] button to save changes.

Custom Service

If you want to use a DDNS provider currently not listed or you want to update multiple hosts within one configuration/section then you should do the following:
Choose '–custom–' as service.
Additional field 'Custom update-URL' is shown.
Fill in the URL you like to use. Please read URL syntax description below.
Also have a look at Provider specifics.
Click [Save & Apply] button to save changes.

If you found a DDNS provider not listed or with additional IPv6 support or with changed update URL please open an issue at Github-OpenWrt-Packages so it can be included with the next release.

via Console

The easiest way to configure ddns-scripts via console is to edit the file /etc/config/ddns directly using build-in vi editor or any other editor you prefer. Other editors as vi needs to be installed separately.

uci set ddns.myddns.service_name="ddnsprovider.com" # only use names listed in /usr/lib/ddns/services
# or /usr/lib/ddns/services_ipv6 (since CC 15.05)
uci set ddns.myddns.domain="host.yourdomain.net"
uci set ddns.myddns.username="your_user_name"
uci set ddns.myddns.password="p@ssw0rd"
uci set ddns.myddns.interface="wan" # network interface that should start this configuration/section
uci set ddns.myddns.enabled="1"
uci commit ddns # don't forget this, otherwise data not written to configuration file

ddns.myddns.enabled="1" means:

'ddns' is the configuration file to change (here /etc/config/ddns)

'myddns' is the configuration/section to change

'enabled' is the option to set/change

behind the equal-sign is the value to set. Set single- or double-quotes around the value and no space or whitespace around the equal-sign.

Example to create/add a new configuration/section "newddns":

root@OpenWrt:/#

uci set ddns.newddns="service"
uci set ddns.newddns.service_name="ddnsprovider.com" # only use names listed in /usr/lib/ddns/services
# or /usr/lib/ddns/services_ipv6 (since CC 15.05)
uci set ddns.newddns.domain="host.yourdomain.net"
uci set ddns.newddns.username="your_user_name"
uci set ddns.newddns.password="p@ssw0rd"
uci set ddns.newddns.interface="wan" # network interface that should start this configuration/section
uci set ddns.newddns.enabled="1"
uci commit ddns # don't forget this, otherwise data not written to configuration file

Since BB 14.07 you need to enable ddns service by:

root@OpenWrt:/#

/etc/init.d/ddns enable

SSL Support

Including AA12.09ddns-scripts only support 'curl' package to use for SSL communication.
You should have followed the installation steps above and
add the following entries to desired section in '/etc/config/ddns' file:

URL Syntax

It's not needful to set 'https://'. If SSL support is activated 'http://' is replaced automatically. The entries [USERNAME] [PASSWORD] [DOMAIN] [IP] are replaced by ddns-scripts just before update.
[USERNAME] is replaced by content of 'option username' from configuration file.
[PASSWORD] is replaced by content of 'option password' from configuration file.
[DOMAIN] is replaced by content of 'option domain' from configuration file.
[IP] is replaced by the current IP address of your OpenWrt system.

carefully set 'option domain' in your configuration. This option is also used to detect if the update was successfully done. This entry is the DNS name your OpenWrt system will be reachable from the internet. Have a look at Provider specifics for samples.

If you found a DDNS provider not listed or with additional IPv6 support or with changed update URL please open an issue at Github-OpenWrt-Packages so it can be included with the next release.

Detecting local IP

This section is currently under construction

Here a list (without preferences) of url's to detect your current public ip used by your system:

1) users reported timeout problems, use links in the line below (…:8245)2) alias of *.dyndns.com

Operation

Enable minimum one configuration/section !
since BB 14.07 you need to enable ddns service !

Basics

Normally no user actions are required because ddns-scripts starts when hotplug ifup event happens. This will happen automatically at system startup when the named interface comes up. Event ifup also happen when a dialup network comes up.ddns-scripts regularly check if there is a difference between your IP address at DNS and your interface. If different an update request is send to DDNS provider.

Run manually

using LuCI

To check running ddns-scripts processes from the menu goto 'Status' → 'Processes'.
Look for something like '/bin/sh /usr/lib/ddns/dynamic_dns_updater.sh myddns 0'.
To stop a desired process press the [Terminate] or [Kill] button.
The process should remove from the list.

Including AA 12.09ddns-scripts can only be started creating an 'ifup' hotplug event by restarting the desired interface. Keep in mind that also other service processes (i.e. firewall) might be (re-)started via 'ifup' hotplug event!
From the menu select 'Network' → 'Interfaces'. Select the desired interface and press [Connect] button.

Since BB 14.07 you can enable/disable and start/stop ddns-scripts from 'System' → 'Startup' menu.
Look for service 'ddns' and press the button for the desired action.

Since CC 15.05 you can additional enable/disable and start/stop individual configuration/section from 'Overview'-page at 'Services' → 'Dynamic DNS'.

via console

From console command line you could create an 'ifup' hotplug event for the desired network interface. This will start all enabled ddns configurations/sections monitoring this interface. Keep in mind that also other service processes (i.e. firewall) might be (re-)started via 'ifup' hotplug event!
For INTERFACE, type the specified ddns-scripts interface name (the interface name from /etc/config/network, usually 'wan')

root@OpenWrt:/#

ACTION=ifup INTERFACE=wan /sbin/hotplug-call iface

To start only one ddns-scripts configuration/section (here 'myddns'):

root@OpenWrt:/#

/usr/lib/ddns/dynamic_dns_updater.sh myddns 0 &

To start all ddns-scripts configurations configured for one interface (the interface name from /etc/config/network, usually 'wan'):

root@OpenWrt:/#

sh
. /usr/lib/ddns/dynamic_dns_functions.sh # note the leading period followed by a space
start_daemon_for_all_ddns_sections "wan"
exit

To stop one configuration/section you need to list running ddns processes with:

using scheduler

Since CC 15.05 each configuration/section of ddns-scripts can be configured to run once, including retry on error, so it is guaranteed that the update is sent to the provider.

To configure your configuration/section to run once, set the 'option force_interval' to '0'. By doing so, any setting of 'option force_unit' is ignored.
Inside LuCI, set the 'Force Interval' setting in the [Timer Settings]-tab of your desired configuration, or edit '/etc/config/ddns' via console.

/etc/config/ddns

config 'service' 'myddns'
...
option 'force_interval' '0'

If you set ddns service to 'enable', then all configurations/sections are started during interface 'ifup'.
The configurations/sections configured to run once will stop after successful update.
To guarantee that your configurations only run once not looking for an interface event you need to disable ddns service.
To start your configuration via built-in crond, use the following entry as the command inside the crontab configuration (replace 'myddns' with the name of your configuration/section):

root@OpenWrt:/#

/usr/lib/ddns/dynamic_dns_updater.sh myddns 0 &

Monitoring

Syslog

Including AA 12.09 there is no syslog support implemented in ddns-scripts.
To get an output to syslog you need to do the following modifications.
Edit '/etc/config/ddns' and insert the new 'option use_syslog' to each configuration/section:

/etc/config/ddns

config 'service' 'myddns'
...
option 'use_syslog' '1'

Edit '/usr/lib/ddns/dynamic_dns_functions.sh' and append the following lines:

Logfile

Including BB 14.07ddns-scripts have no logfile support.
To add logfile support to these versions you need to do the following modifications.
Edit '/etc/config/ddns' and insert the new 'option use_logfile' to each configuration/section:

/etc/config/ddns

config 'service' 'myddns'
...
option 'use_logfile' '1'

Edit '/usr/lib/ddns/dynamic_dns_functions.sh' and add the following lines to 'verbose_echo()' function:

Since CC 15.05ddns-scripts have buildin logfile support.
Logfiles are automatically truncated to a settable number of lines (default 250 lines).

Inside LuCI you could enable logfile in [Advanced Settings]-tab of desired configuration/section.
From console you need to edit '/etc/config/ddns' file:

/etc/config/ddns

config 'service' 'myddns'
...
option 'use_logfile' '1'

To view logfile content from LuCI select the [Log File Viewer]-tab of desired configuration/section and press the [Read / Reread log file]-button.
From console you should change to the ddns log directory (default '/var/log/ddns').
You will find a logfile for every configuration/section.

root@OpenWrt:/#

cd /var/log/ddns
ls -la
cat myddns_ipv4.log
cat myddns_ipv6.log

Debugging

To debug what's going on, you can run ddns-scripts in verbose mode.
Following verbose level are defined:

0

Non verbose - No output

1

Output to console (default)

Since CC 15.05 additional:

2

Output to console and logfile.
Run once WITHOUT retry on error.

3

Output to console and logfile.
Run once WITHOUT retry on error.
Sending NO update to DDNS service.

Now you can start one configuration/section for debugging. To stop/break running script press [CTRL]+C.
Replace 'myddns' with your desired configuration/section name and 'level' with the desired verbose level.

root@OpenWrt:/#

/usr/lib/ddns/dynamic_dns_updater.sh myddns level

Including BB 14.07 if you see:
only the update_url=… output you forgot to enable this configuration/section.'badauth' in Update Output, you have to change your password which contains only letters and numbers. Because busybox's (v1.15.3) wget implementation has an issue handling encoded URLs.Since CC 15.05 you will get full description of errors and the output of programs like wget, nslookup etc. used by ddns-scripts

Common errors

Network and name resolution problems:
Check your communication settings with the following commands:

HTTPS/SSL problems:
Check if your DDNS provider ONLY support secure requests and enable HTTPS (option use_https) in your configuration.
Packages 'wget' or 'curl' not installed to support secure communication.'wget'/'curl' could not access/validate SSL certificates.
Check certificate installation and run 'wget' or 'curl' in verbose/debug mode:

Provider specifics

Overview

Remember to read how to configure a custom service.
At provider specific settings, only parameters that needs to be changed are described.
The relevant parameters to use together with a custom settings are:

UCI option

LuCI description

Explanatory note

service_name

DDNS Service provider

Inside LuCI set to '–custom–' or delete from '/etc/config/ddns' if you need to use custom update URL.

update_url

Custom update-URL

Copy from description below, if necessary.

domain

Hostname/Domain

The already registered name at your DDNS provider.Must be your public FQDN because used by nslookup command to check if the send IP update was recognized by your provider and published around World Wide DNS.

username

Username

Normally your username but possibly used with different settings.

password

Password

Normally your password but possibly used with different settings.

If you find a at a provider description below, please support me to test and update this wiki.
Please post a support request if something not working as described or needs to be updated.Thanks!

freedns.afraid.org

service_name freedns.afraid.org
domain [Your FQDN]
username [NOT used. Set to a character of your choice, because LuCI does not accept empty field]
password [Your authorisation token, NOT your account password]

To find your authorisation token, go to http://freedns.afraid.org/dynamic/, login, click "Direct URL".
On the location bar of your browser, copy the authorisation token,
which is the part after http://freedns.afraid.org/dynamic/update.php? url
and paste it in the password field.

service_name delete / --custom--
update_url [Your direct URL updater from your freedns.afraid.org account]
domain [Your FQDN]
username [NOT used. Set to a character of your choice, because LuCI does not accept empty field]
password [NOT used because already part of direct URL. Set to a character of your choice, because LuCI does not accept empty field]

mythic-beasts.com

Looking on description at "Use Mythic Beasts Dynamic DNS with your OpenWRT router" and on the existing source code I found out that there must be issues updating Dynamic DNS.
I have gone in contact with support of mythic-beasts.com. I will update as soon a solution is available.

namecheap.com

Note that with the namecheap protocol, the username option is translated to the host argument in the update request.
Therefore, it should be the host-part on the DNS record, not the username that you use to log into the namecheap.com site.
To update multiple hosts you might need to define separate configuration/section for each host.
To get your password, log into the namecheap.com site, enter the management console for the domain, and click the Dynamic DNS menu option.

Currently ddns-scripts only supports the case where your dynamic subdomain has the same IP address as for your unqualified domain. Otherwise you will send updates to namecheap.com every "option check_interval" 10 minutes (default) because your FQDN is not validated. Proposed solution here, which you can easily implement yourself. (This may only be an issue for ddns-scripts 2.4).

Let assume you define two FQDN at your domain "example.com": "www.example.com" and "ftp.example.com"
To update only your domain record "example.com":

spdyn.de (old spdns.de)

The web-pages of spdns.de are now reachable at spdyn.de.
Currently updates send to update.spdns.de pages are still handled but produce warnings in DDNS update log at the provder.
Created accounts and domains at spdns.de are still working without any problems.

The default is to use your 'username' and 'password' as normal inside ddns-scripts together with 'service_name' 'spdyn.de'.
If you want to use Update-Token, keep in mind that this token can only update the host it is generated for.
Use this settings:

domains.google.com

Last updated: 2016-04-20

Google Domains allows for dynamic names to be set up in the section called Synthetic Records. To access it, log in to https://domains.google.com and go to Configure DNS for the domain in question, then scroll down to Synthetic Records and add a new one. It will issue a specific username and password for this hostname. Google requires HTTPS for updates, so be sure to also install package wget or curl in order to allow this.
Use the following settings: